Cybersecurity News


WhatsApp’s End-to-End Encryption Isn’t Actually Broken

WhatsApp’s End-to-End Encryption Isn’t Actually Broken WhatsApp’s moderators sent messages flagged by intended recipients. Researchers say this isn't concerning -- yet.
13 September 2021

Honing Cybersecurity Strategy When Everyone’s a Target for Ransomware

Honing Cybersecurity Strategy When Everyone’s a Target for Ransomware Aamir Lakhani, researcher at FortiGuard Labs, explains why organizations must extend cyber-awareness training across the entire enterprise, from Luddites to the C-suite.
13 September 2021

WooCommerce Multi Currency Bug Allows Shoppers to Change eCommerce Pricing

WooCommerce Multi Currency Bug Allows Shoppers to Change eCommerce Pricing The security vulnerability can be exploited with a malicious CSV file.
13 September 2021

Over 60 million wearable, fitness tracking records exposed via unsecured database

Data sources included Apple's HealthKit and Fitbit.
13 September 2021

Over 60 million wearable, fitness tracking records exposed via unsecured database

Data sources included Apple's HealthKit and Fitbit.
13 September 2021

This is how a cybersecurity researcher accidentally broke Apple Shortcuts

Detectify explains how investigating CloudKit resulted in Shortcuts disruption for users back in March.
13 September 2021

Beware of these 5 common scams you can encounter on Instagram

From cybercriminal evergreens like phishing to the verification badge scam we look at the most common tactics fraudsters use to trick their victims

The post Beware of these 5 common scams you can encounter on Instagram appeared first on WeLiveSecurity

13 September 2021

MyRepublic Data Breach Raises Data-Protection Questions

MyRepublic Data Breach Raises Data-Protection Questions The incident raises considerations for security for critical data housed in third-party infrastructure, researchers say.
10 September 2021

Top Steps for Ransomware Recovery and Preparation

Top Steps for Ransomware Recovery and Preparation Alex Restrepo, Virtual Data Center Solutions at Veritas Technologies, discusses post-attack restoration options, and how to prepare for another one in the future.
10 September 2021

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

On Thursday evening, KrebsOnSecurity was the subject of a rather massive (and mercifully brief) distributed denial-of-service (DDoS) attack. The assault came from "Meris," the same new "Internet of Things" (IoT) botnet behind record-shattering attacks against Russian search giant Yandex this week and internet infrastructure firm Cloudflare earlier this summer.
10 September 2021

Week in security with Tony Anscombe

Cyberespionnage against Kurdish ethnic group, and more! – Week in security with Tony Anscombe

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

10 September 2021

Victims duped out of US$1.8 million by BEC and Romance scam ring

Elderly men and women were the main targets of the romance scams operated by the fraudsters.

The post Victims duped out of US$1.8 million by BEC and Romance scam ring appeared first on WeLiveSecurity

10 September 2021

Yandex Pummeled by Potent Meris DDoS Botnet

Yandex Pummeled by Potent Meris DDoS Botnet Record-breaking distributed denial of service attack targets Russia’s version of Google - Yandex.
10 September 2021

SOVA, Worryingly Sophisticated Android Trojan, Takes Flight

SOVA, Worryingly Sophisticated Android Trojan, Takes Flight The malware appeared in August with an ambitious roadmap (think ransomware, DDoS) that could make it 'the most feature-rich Android malware on the market.'
10 September 2021

5 Steps For Securing Your Remote Work Space

5 Steps For Securing Your Remote Work Space With so many people still working from home, cybercriminals are trying to cash in. Cyberattacks have increased 300% and the risk of losing important data or being compromised is much greater at home. Here are five recommendations for securing your home office.
10 September 2021

Google debuts new Private Compute features in ramp up of Android security

Google will also make the source code public for external audits.
10 September 2021

Stolen Credentials Led to Data Theft at United Nations

Stolen Credentials Led to Data Theft at United Nations Threat actors accessed the organization’s proprietary project management software, Umoja, in April, accessing the network and stealing info that can be used in further attacks.
10 September 2021

US military reservist lands himself prison sentence for operating romance scams

Older women and men were among his targets.
10 September 2021

Nuisance calls could lead to multimillion-pound fines in UK

Nuisance calls could lead to multimillion-pound fines in UK

Ministers considering bringing punishment in line with GDPR, which can issue fine of up to £17.5m

Multimillion-pound fines could be imposed for nuisance or fraudulent calls and texts under a proposed overhaul of the UK’s data rules.

Companies behind nuisance communications can be fined £500,000 by the Information Commissioner’s Office (ICO) but ministers are considering bringing the punishment in line with General Data Protection Regulation (GDPR), which can issue a fine of up to £17.5m or 4% of global turnover.

Continue reading...
10 September 2021

Ukrainian man extradited to the US to face botnet, data theft charges

The suspect has been detained ahead of his trial.
10 September 2021